There is as reflected cross site scripting issue in Esri ArcGIS Server versions 10.9.1 and below which may allow a remote unauthorized attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim’s browser.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Esri
Published: 2022-10-25T16:32:09.865172Z
Updated: 2024-09-16T22:02:55.747Z
Reserved: 2022-08-12T00:00:00
Link: CVE-2022-38195
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-10-25T17:15:55.257
Modified: 2024-11-21T07:15:58.737
Link: CVE-2022-38195
Redhat
No data.